0:12

Hey and welcome to another episode of

0:14

Control Out Asher. This is a show where

0:16

we talk about all things Microsoft technology.

0:18

I'm Tobias and I'm back with UC. What's

0:21

up? Hey Tobias, I've been busy

0:23

with work and a bit

0:25

of travel, mostly business travel.

0:28

And somehow... been

0:30

able to take it easy and

0:32

focus on the essentials in life at

0:34

the same time. You know,

0:36

being conscious of when do you

0:38

have breakfast, ensuring you can do lunch,

0:40

ensuring you have a healthy dinner, getting

0:43

to bed early. I'm

0:45

unsure how I'm achieving this

0:47

and I wouldn't say it's

0:49

a mastery, but it sort

0:51

of is in balance. So

0:53

please don't ask me for a

0:56

trick on this one. I think now

0:58

that I'm reflecting on this one,

1:00

perhaps it comes with age, a bit

1:02

more focus on not pushing full

1:04

steam ahead on everything all the

1:06

time, and more like picking my

1:08

battles and areas of

1:10

folks. Yeah,

1:13

I think that sounds really healthy. I

1:15

know we talked a lot about that.

1:17

Hey, man, we should really start a

1:19

fitness podcast or like a work life

1:21

balance podcast, because I think we have

1:23

a lot of reflections in that. But

1:25

that said, I am also experimenting

1:27

something closely related

1:29

to health, but not directly

1:32

how my health is done

1:34

by eating or working out. So

1:36

I'm experimenting now with air

1:38

quality controls and measurements in

1:40

my house. So I'm

1:42

using AirThings. It's a brand that

1:44

has all these different measurements for the

1:46

air quality, including pollution, CO2,

1:49

radon, all the jazz. So

1:51

I'm also using humidifiers. dehumidifiers,

1:54

fans, and ear purifiers, where applicable,

1:56

you know, I position them next

1:58

to the monitor saying, hey, in

2:00

this room you have really low humidity, you need

2:02

to get it up, otherwise you might get cracks

2:04

in the walls. Other places might

2:06

say, hey, it's too humid, you might get mold,

2:09

right? So I'm trying

2:11

that out, placing them out a little

2:13

bit, and this also seems to help me

2:15

quite a bit with my allergies, because

2:17

I'm allergic to dust mites, like a lot.

2:20

And it also makes the ear a lot

2:22

more fresh. So you know, after a few

2:24

hours in your home office or sitting in

2:26

the same room, the ear can feel a

2:28

little bit dense, right? And you have to

2:30

open the windows and air things out.

2:32

But in the last half year, it's been

2:35

winter over here. So it was never a

2:37

good idea to just open up if it's

2:39

a snowstorm outside. So

2:41

using this, like tiny devices for

2:43

measuring and then, you know,

2:45

air purifiers, which are the

2:47

main gadgets that I got. They

2:49

really help with the air quality and

2:51

the the result says that it shows

2:54

on the monitors That the air quality

2:56

is a lot better. The CO2 is

2:58

lowered You know the pollute pollution the

3:00

VVO C2 or whatever the things are

3:02

like the particles And like pollen and

3:04

all the things coming from outdoors as

3:06

well is cleaned up using the filters

3:09

And that that's changing a lot for

3:11

me, especially since I have the allergies

3:13

for dust mites and dust and stuff

3:15

like that So I've been playing around

3:17

with that a bit which It's nice

3:19

because it improves my health and the

3:21

family's overall health, but it's also fun

3:23

because it's digital, it's IoT devices. I'm

3:26

connecting it to my smart home so

3:28

I can also monitor things and get

3:30

nice graphs with colors. So I'm happy

3:32

both in my body and my mind. Sounds

3:35

good. I didn't know

3:37

about the AirThings device. I have to

3:39

look it up. I think I still

3:41

have room for one more gadget in

3:43

my home office. So

3:45

as is now almost a

3:47

tradition, perhaps after three or

3:49

four years, in this episode

3:52

we'll take a frequent look

3:54

at recent Microsoft Tech updates. What's

3:56

new? What's interesting? What are

3:58

we spending our time with?

4:01

Let me warm up. We both

4:04

have our list of stuff

4:06

that we've found. Let

4:08

me warm up with Blast

4:10

from the past. ActiveX

4:12

is now disabled

4:14

in Microsoft 365 apps.

4:18

Starting in April 2025,

4:21

the ActiveX components, extensions,

4:23

plugins, custom controls,

4:25

whatever they used to

4:27

be, they will be

4:29

disabled. by default

4:32

and automatically in Word,

4:34

Excel, PowerPoint, and

4:36

Visio. I didn't recall you

4:38

can do ActiveX in

4:40

Visio or for Visio. It

4:43

turns out ActiveX is

4:45

still around. I

4:47

can't recall when I last

4:49

had to work on any of

4:51

these. I've implemented a

4:53

couple, but that was

4:55

20 years ago or so.

4:57

I still realize ActiveX

5:00

has perhaps some use cases

5:02

in legacy systems, but

5:04

perhaps those legacy systems do

5:06

not need Microsoft 365

5:08

apps either. So in

5:10

more modern work environments,

5:12

it makes sense to

5:14

forcefully disable ActiveX fully

5:17

now. Okay.

5:20

ActiveX, it's a long time since I heard that.

5:22

I recall that back in the day. You

5:24

have to install this version of ActiveX for this

5:26

thing to work or to be able to

5:28

browse this website and all that jazz. I haven't

5:30

used that or seen it or heard about

5:32

it in a long time. Anyway,

5:35

on my end, I've got really three

5:37

big areas I want to talk about today.

5:39

One is Microchip Sentinel. The other one

5:41

is Defender for Cloud because typically we talk

5:44

about some security updates and there's some

5:46

interesting ones in there. The last one is

5:48

going to be retirement notices that I've

5:50

picked out of some of the interesting bits.

5:53

I'm just going to start with Sentinel. There's

5:56

a bunch of updates here. I've

5:58

only picked really one

6:00

update here, and that's the one that I find

6:02

most interesting. I know we talked a lot

6:04

about these capabilities that we were missing, UC, so

6:06

I hope that this finds you well. This

6:08

is now in preview. It's a

6:10

multi -workspace and multi -tenant support

6:12

for Microsoft Sentinel in the Defender

6:14

Portal. It's now in

6:16

preview. It's available in the

6:19

Defender Portal, and you can

6:21

connect to one primary workspace and

6:23

multiple secondary workspaces for Microsoft

6:25

Sentinel. If you're on board

6:27

Microsoft Sentinel, Also with

6:29

Defender XDR, you

6:31

get a primary workspace and the

6:33

alerts, they're correlated with Defender

6:35

XDR data, like the

6:37

Sentinel and the XDR data

6:40

is then correlated. So any

6:42

incidents include alerts from Microsoft

6:44

Sentinel's primary workspace and Defender

6:46

XDR, and all

6:48

the other onboarded workspaces are

6:50

considered secondary workspaces. So

6:52

if you're... Sentinel workspaces, you

6:54

probably understand what that means. Incidents

6:57

are then created based on the

6:59

workspace data and won't include Defender XDR

7:01

data for the secondary ones. So

7:03

as part of this preview, you

7:06

also get multi -tenant support. So

7:08

multi -workspace, great. So you have a

7:10

primary workspace, secondary workspaces. But

7:12

you get multi -tenant support, and this is something

7:14

I know we talked about in the past, not

7:16

just for Sentinel, but for everything. How

7:18

do you get co -pilots to talk about

7:20

cross -tenants? How do you get something else

7:22

to talk about cross -tenants? How do you

7:25

gain insights across tenants? And as part of

7:27

this preview, you now get the multi -tenant

7:29

support, where if you're working with multiple

7:31

tenants and multiple work spaces per tenant, you

7:34

can use Microsoft Defender, which

7:36

has multi -tenant management. to

7:38

view incidents and allurch, and

7:40

then you can hunt for data

7:42

in advanced hunting across both

7:44

multiple workspaces and multiple tenants. So

7:46

you can go in and say, hey, let's

7:48

run these queries, let's go hunting, but not just

7:51

for this one tenant, but for all the

7:53

tenants that you manage and you bring up in

7:55

your Microsoft Defender multi -tenant management view. So

7:58

I can't really wait to try this out

8:00

or see it live. I

8:02

do have a few test tenants, so I can

8:04

probably hook those up but I

8:06

would love to see someone running

8:08

this in production at scale and you

8:10

know I know again we've talked

8:12

a few times about the wish for

8:14

capabilities across tenants working with large

8:16

enterprises or companies who went through an

8:18

M &A, a merger, an acquisition or

8:20

for whatever reasons you might have. So

8:23

I'm really excited to see what this

8:25

looks like when it's flying out in GA.

8:27

I was actually preparing for

8:30

a community event session yesterday,

8:32

just finalizing my deck and

8:34

checking out the demos. I

8:36

went to the Defender XDR portal

8:39

and I did get a pop

8:41

-up on this specific functionality. I

8:43

didn't have time at the time

8:45

to look into it. There's a

8:47

different landing page where you can

8:49

see the tenants and the workspaces.

8:51

This is definitely something that I'm

8:53

happy to finally see because it's

8:56

been a couple of years already,

8:58

at least that we've been talking

9:00

about this, that would be nice

9:02

to have this multiple workspaces, multiple

9:04

tenants in this cohesive, condensed view, one

9:07

pane of glass for all

9:09

of those. I need to

9:11

spin this up as well to figure out

9:13

what the limitations are and what the

9:15

capabilities are. All right,

9:17

next on my list, this was

9:19

an interesting one. IEO performance

9:22

analysis in SQL Server

9:24

on Azure Virtual Machines. That

9:26

is a mouthful. This

9:28

is a small capability

9:30

that helps you optimize

9:32

the SQL Server workloads

9:34

by trying to identify

9:36

if you have any

9:38

performance bottlenecks, typically with

9:40

IO, meaning disk and

9:43

memory and cache and temp

9:45

DBs and so on. It

9:48

will allow you to enhance performance,

9:50

see if there's any sort of

9:52

choke points in terms of latency,

9:55

and how can you ensure

9:57

that your applications run smoothly. I

10:01

didn't have a virtual machine up and

10:03

running that would already have a SQL

10:05

server with some real databases. I don't

10:07

really need that on a daily basis,

10:09

but I did have a look on

10:11

this one. Normally, when

10:13

Microsoft releases something like this,

10:15

which is sort of

10:17

oddly specific for AVM with

10:19

a SQL server. I'm

10:21

expecting to see like an extension

10:23

on the VM and perhaps a

10:26

new button on Azure portal. I

10:28

couldn't find any for now. So

10:31

how this seems to work

10:33

for now is that there's

10:35

a PowerShell script that you

10:37

execute within the VM and

10:39

that will then go through

10:41

and gather all the information

10:43

for you. It was about

10:45

200 rows, didn't seem

10:47

too complex. I had a quick

10:49

look at the script, but I

10:52

figured I really don't have time

10:54

to ingest all the rows. I

10:56

went to GitHub Copilot and just

10:58

said, explain it to me in

11:00

simple terms like I'm five. What

11:03

it does based on GitHub

11:06

Copilot's explanation is it fetches the

11:08

Azure Monitor metrics for the

11:10

given VM. It will check

11:12

if data disk latency exceeds a

11:14

threshold. If so, it

11:16

will compare that with other resource

11:19

usage metrics and it will

11:21

craft a report back on the

11:23

findings. Based

11:25

on the documentation for this one, it

11:28

seems a PowerShell script for now

11:30

compatible with SQL Server on Azure

11:32

VMs, but I'm not sure if

11:34

there's an added capability or angle

11:36

because to me this sounds like

11:38

it has nothing to do with

11:40

the VM itself. It

11:42

has to do with SQL

11:44

Server that you could

11:46

execute through Azure. Obviously. Regardless,

11:48

looks interesting. Have a look

11:50

at the script. Have a look at

11:53

the findings. If you happen to have

11:55

a SQL Server with Azure VM lying

11:57

around. That's actually

11:59

really interesting I've had exactly

12:01

that set up. Running

12:03

SQL Server on Azure VMs,

12:05

we also did try

12:07

to track down performance. bottlenecks

12:10

and figure out like why is it the

12:12

network? Is it latency? Is

12:14

it DNS? Is it the CDN? Is

12:16

it like what is costing this application

12:18

to run this way? And that

12:20

could be really tricky. So I really love that

12:22

there is now an IO performance analysis because

12:24

in our case, it was the disk as well.

12:27

Because we tried to figure this out for

12:29

weeks and we just couldn't figure it

12:31

out. And then someone said, well, let's take

12:33

a look at the disk configuration and

12:35

we did and voila. That's it. I love

12:37

this. I love the fact that there's

12:39

a script to help you do this as

12:41

well and that you get a report

12:43

back. Hopefully, that will save a

12:45

lot of people a lot of time so

12:47

you don't end up in the same situation

12:49

that many of us have been in the

12:51

past. On my side,

12:53

the next update is going to be around

12:55

Defender for Cloud. I think I have three

12:57

updates that I picked. There's a long list

13:00

of updates in March and April already, but

13:02

here's the ones that I found interesting. One

13:04

is enhancements for Defender for app

13:06

service alerts. The reason

13:09

I think this is interesting is app

13:11

service keeps evolving all the time, but

13:13

there's also an existing alert that's going

13:15

away that I used to use for

13:17

some non -work things running on WordPress. On

13:20

April 30th this year, 2025,

13:22

Defender for app service alerting

13:24

capabilities will be enhanced. Microsoft

13:27

is now adding alerts for

13:29

suspicious code executions and for access

13:31

to internal or remote endpoints. They're

13:34

also improving the coverage and

13:36

that reduces the noise from relevant

13:38

alerts by expanding the logic

13:40

and removing alerts that were causing

13:42

unnecessary noise. Now, there's

13:45

no specific details on how any of

13:47

this logic changes other than it says,

13:49

hey, the logic is being changed, so

13:51

it reduces the noise. Great. I don't

13:54

know what that means in terms of

13:56

what logic actually changed, but I trust

13:58

there's some good AI or some good

14:00

analytics on the back end figuring that

14:02

out. But I do

14:04

know that alert fatigue is very

14:06

real and you know less is more

14:08

when it comes to alerts because

14:10

when you get an alert you really

14:12

want to make sure it's tangible

14:14

and actionable Otherwise you're gonna end up

14:16

like in my previous job. I

14:18

could get 150 ,000 alerts in a

14:21

month But you can't take action on

14:23

those that it's not actionable You

14:25

just don't know where to start so

14:27

less is more and I love

14:29

that they're figuring that out and so

14:31

I did mention when alert is

14:33

being deprecated, and that's

14:35

the suspicious WordPress theme

14:37

invocation detected. So

14:39

that's something that was running on the app

14:41

service. So that's going to be deprecated in

14:43

favor of these new alerts. Another

14:46

Defender for Cloud update is now GA,

14:48

generally available, so you can go try it

14:50

out, and has container

14:52

protection with vulnerability assessment and

14:54

malware detection for AKS

14:56

nodes. So

14:58

in Defender for Cloud, You now

15:00

get vulnerability assessments and malware detection

15:03

for those nodes running on AKS. This

15:06

provides you security protection for

15:08

the Kubernetes nodes, and that allows

15:10

you to maintain security and

15:12

compliance across the managed Kubernetes services

15:14

that you're operating. It

15:16

also gives you the opportunity to

15:18

really understand their part in the shared

15:20

security responsibilities. We've talked about the

15:22

shared responsibility a lot. What are the

15:24

things that you're responsible for as

15:26

a customer. What are the things that

15:28

Microsoft or the cloud service providers

15:30

responsible for? Where do you need to

15:32

configure security? Where does Microsoft take

15:35

their responsibility in security? So this

15:37

is great in figuring that out. To

15:39

enable this, you

15:41

go to Defender CSPC

15:43

or CSPS, Defender for

15:45

Containers or Defender for Service

15:47

P2 plan on your subscription. and

15:49

then you enable agentless scanning

15:51

for machines. That's the one. Then

15:53

you get the new vulnerability

15:55

assessments and malware detection capabilities. You

15:58

can check out the show notes for Defender

16:00

for Cloud Updates. I've put the link in there.

16:03

This might be worth of its own unique episode

16:05

as we dive in. I

16:07

do have a couple of AKS clusters up and

16:09

running in some of my tests. We

16:11

could probably try and enable some

16:13

of these things there and then

16:15

inject a faulty or malicious. container

16:18

image just to try it out. And

16:21

the final update for Defender for

16:23

Cloud is something also related to

16:25

containers. So this is Defender

16:27

for containers, now has gated deployment

16:29

of container images to a Kubernetes

16:32

cluster. This is in preview, and

16:34

I love this. The

16:36

gated deployment, it's really an

16:38

important practice to assess container

16:41

image and check them against

16:43

security rules before a deployment

16:45

to a Kubernetes environment. So

16:47

when you say, hey, here's an updated image,

16:50

it now goes into a gated deployment saying,

16:52

okay, let's make a decision here. So

16:54

now you have a security rule that defines

16:56

an action to take if a certain condition

16:58

is met. And that

17:00

condition can be within a

17:02

specific resource scope. And

17:04

the gated deployment admissions controller,

17:06

as it's called, that will examine

17:09

the container image. And if

17:11

there's any vulnerability findings, In

17:13

that artifact, it will check that

17:15

against the security rules relevant for the

17:17

research scope you configured. Really,

17:19

the actions to be taken then is

17:21

either audit or deny, just like we

17:23

have with Azure Policy and other things

17:25

like, hey, if this happens to

17:27

break a policy, what do you want

17:29

to do? Here it's, hey, we've found a vulnerability,

17:31

what do you want to do now? If

17:34

you do audit, that means you deploy

17:36

it anyway and you create a security

17:38

alert for review. Okay, we

17:40

still deployed it. the image is there, but

17:42

there's a finding in the report to get

17:44

an alert, you can go take a

17:46

look. So that's an audit, which means, hey,

17:48

continue, but flag it. And the other one

17:50

is deny, which is

17:52

the more like stringent configuration saying, let's

17:55

not deploy it. And we create a security

17:57

alert for review. So it's not going to get

17:59

deployed. It's not going to get approved to

18:01

roll out. And we're going to raise an alert

18:03

saying, hey, we found something and we blocked

18:05

it. So this is awesome. I

18:08

really like this, you know, not

18:10

just being the passive. check anymore

18:12

saying, okay, we found something you deployed

18:14

yesterday, today we found something, but it's

18:16

like you deployed now or you try

18:18

to deploy it now. And this gated

18:20

deployment will tell you, you configured a

18:22

denied policy on this. So we did

18:24

find something we're going to deny it.

18:27

Here's an alert, go take a look

18:29

before you can continue. I absolutely love

18:31

that. The last one,

18:33

definitely an interesting one. I cannot

18:35

say I have an urgent need

18:37

for that one, but I have a

18:39

sort of thinking that

18:41

this sort of functionality was already

18:43

there. But now that I'm listening

18:46

on this one, this definitely looks

18:48

something I need to try out

18:50

as well. Next on

18:52

my list, this is

18:54

generally available now. The

18:56

Azure networking capabilities for

18:59

Copilot in Azure. So

19:01

we did an episode on Copilot

19:03

in Azure maybe about a year

19:05

ago that was still in early

19:07

preview at the time. It's

19:10

been evolving since and

19:12

that's probably something you would

19:14

expect with Copilot that

19:16

it continuously gets new skills,

19:19

it gets access to more

19:21

data, it becomes more

19:23

comprehensive and more capable of

19:26

serving and managing the

19:28

queries that you are doing.

19:31

I don't really use Copilot in

19:33

Azure that often because I

19:35

usually have an idea in my

19:37

head what I'm planning on

19:39

doing. But what

19:41

the latest update now gives

19:43

you, you can do more

19:45

specific queries on networking capabilities.

19:47

So a couple of examples

19:49

from Microsoft would be network

19:52

product information queries. So you

19:54

would ask something like, what

19:56

is the difference between Azure

19:58

App Gateway and Azure Front

20:00

Door? So obviously you could go

20:02

to Google and do it as well, but

20:04

perhaps in the context of Azure Portal, it

20:06

would make more sense. Another

20:08

one is network product

20:10

selection and architecture guidance

20:13

queries. Suggest a

20:15

network architecture when I'm

20:17

migrating a Java application

20:19

to Azure App Services

20:21

as an example. The

20:24

next one is network

20:26

resource inventory topology traffic path

20:28

queries. I think this was

20:31

already there at some point. Maybe it was

20:33

in preview at that time. And

20:35

the last two network connectivity

20:37

troubleshooting and service diagnostic queries,

20:40

is there something blocking my traffic

20:42

to this VM from the

20:44

internet and what should I do?

20:46

And there's also something called the

20:49

network security attack analysis and

20:51

investigation. So this to

20:53

me sounds like a lightweight approach

20:55

to security co -pilot, perhaps in the

20:57

context of Defender for Cloud. I

21:00

couldn't find any sample queries

21:02

for the last one, but it's

21:04

definitely something I need to

21:06

look into. So I keep

21:08

reminding myself that initially, when we

21:10

get something new like co -pilot in

21:12

Azure, you might be a

21:14

little bit unimpressed like, well, okay,

21:16

there's new stuff. So what? It's

21:18

not really serving me today, but

21:21

then fast forward six months, 12

21:23

months, you get new

21:25

capabilities, you sort of have to

21:27

reorient your expectations. and

21:29

go fresh in that service to see

21:31

what can it do today. It

21:33

still has the same name, but probably

21:35

under the hood it's totally different. Yeah,

21:39

no, I absolutely concur here. And

21:41

like you mentioned just in the beginning,

21:43

Copilot for Azure is evolving. It

21:45

has evolved a lot. I think

21:47

about a year ago when we tried

21:49

it out, it was pretty rudimentary. It did

21:51

not bring back all the results we

21:54

wanted, but we also knew that, hey, Microsoft

21:56

is releasing this pretty early to give

21:58

everyone in the wild a chance to impact

22:00

how it's going to work as well. So

22:03

more limited features when it came

22:05

out, it's growing really quickly. As

22:07

you were speaking, I just tried one

22:09

of the prompts that I know I tried

22:11

last year and that did not work

22:13

very well. But all of that works now.

22:16

And I said, hey, can you provide me

22:18

the last month's cost broken down by service

22:20

and region? And then you

22:22

tell it how to format that. And

22:24

it's like, OK, here's the total cost

22:26

of 631 euros. Here's the

22:28

service. Here's the region. Here's the charge for

22:30

that one service. This is the percent

22:32

of total charges. That literally took two seconds.

22:35

You don't have to go into the cost report

22:37

to figure all these things out. For

22:40

me, I use Copilot in Azure to quickly

22:42

understand some of the things I have in my

22:44

subscriptions, especially to have huge subscriptions

22:46

with a ton of different things. You

22:48

can, of course, go into your dashboards

22:50

and your workbooks and your cost management

22:52

and analysis features and all this. You

22:54

can also just go and talk to

22:56

Copilot and say, hey, here's the very.

22:59

small market of information that I need

23:01

and you can pull that out. So

23:03

I'm also very happy to see the

23:05

updates you shared here about Azure Networking

23:07

capabilities and that it now understands these

23:09

things better because that's some of the

23:11

most critical things to understand when you

23:13

configure workloads in Azure. How do you

23:15

secure things? How do you set up

23:17

the perimeter network? How do you configure

23:19

networking and how do you secure things

23:21

with the NSGs and all these things?

23:23

So hopefully more people will adopt using

23:26

that. I for sure know I'm using

23:28

it a lot. But

23:30

enough about co -pilot for now.

23:34

I have my final updates or a

23:36

list of updates and this is

23:38

a list of retirement notices. Sometimes

23:40

we talk about things that are

23:42

updated or new services or new previews.

23:44

Sometimes we talk about things that

23:46

are being retired because that's equally important

23:48

to understand if you're using any

23:50

of these things. There's a

23:52

lot of things on our list to be retired. I

23:55

picked out the ones that I know

23:57

people can relate to or that I

23:59

know some customers I know are using.

24:02

And it's a short list, like

24:04

five or six items. So

24:07

Log Analytics Batch API

24:09

is going to be retired

24:11

on March 31st, 2028. It's

24:14

a long way to go, but it's

24:16

nevertheless important to understand that it's going

24:18

away. Log Analytics Beta

24:20

API is going to be retired

24:22

on March 31st, 2026. So

24:25

batch and beta, they're different APIs, but

24:27

they're both for log analytics APIs, and

24:29

they're both getting retired. CDN

24:32

domain URL change for agents

24:34

in pipeline. This

24:37

is an update saying, hey, the

24:39

CDN domain for agents in Azure

24:41

DevOps pipelines are going to change.

24:43

Microsoft announced this retirements, that

24:45

Edge IO CDN for Azure DevOps,

24:47

they are transitioning that to

24:49

a solution served by Acame and

24:51

Azure Front Door CDNs instead.

24:53

and this change will affect Azure

24:56

DevOps pipeline customers. So the

24:58

potential impact is if you're running

25:00

self -hosted agents, if you're running

25:02

Azure VM scale set agents,

25:04

or managed DevOps pools agents. And

25:06

the steps here is simply update

25:09

your organization's firewalls, allow list, and

25:11

then configure and run the test pipeline to make

25:13

sure it works. You can see that

25:15

in the show notes. I've put a link there. You can

25:17

go take a look. The

25:19

other updates, and I know this

25:21

one is important because a load

25:23

of Customers I have been working

25:26

with in my past, they're using

25:28

Ubuntu for different agents, for different

25:30

container images, and Ubuntu is really

25:32

powering a lot of the Linux

25:34

distributions out there and Linux -based

25:36

images. The canonical

25:38

Ubuntu 20 .04 LTS

25:40

is reaching end -of

25:42

-standard support. LTS is

25:44

long -term support. May

25:47

31st, 2025, so

25:49

that's coming up real quick. And

25:51

that means the

25:53

official support for Ubuntu

25:55

20 .04 is coming

25:57

to an end. So

26:00

the action here is before May

26:02

31st, 2025. Hopefully, if

26:05

you want to stay in a

26:07

supported operating system, you upgrade to 24

26:09

.04. Just keep in

26:11

mind that there's no direct upgrade

26:13

path from 20 .04 to 24

26:15

.04. Then you have to middle

26:18

land and upgrade first to

26:20

2204 and then from there to

26:22

2404. Or if you just

26:24

freshly install Ubuntu, you can do

26:26

2404 directly. And this is

26:28

important to know so you don't have an

26:30

existing OS and you try to upgrade it

26:33

because you have to do that step in

26:35

between. And that reminds me of how we

26:37

upgraded some SharePoint servers back in the day.

26:39

We had to do the step install and

26:41

couldn't just do a major update sometimes. Another

26:45

thing. that I know customers

26:47

have been using in the past. I

26:49

really hope nobody's using this now. Support

26:51

for application insights status monitor

26:53

version 1 will end on March

26:56

31st, 2025. If you have

26:58

no idea what this is, that's

27:00

great. If you have

27:02

used this product in the past,

27:04

ensure that you remove any code

27:06

that downloads to applicationinsightsagents .msi installer.

27:08

You probably don't know what that

27:10

is, but if you do, you

27:12

know that in 2019, We

27:15

had V1, which was replaced

27:17

by Application Insights Agent, which was

27:19

formerly known as the status

27:21

monitor V2. That was way back

27:24

in 2019. So

27:26

V1 was pre -2019.

27:29

So you've had ample time to do

27:31

this, no excuses anymore. If you're

27:33

still using V1 for whatever reason in

27:35

whatever legacy code you have running,

27:37

make sure you fix that. You should

27:39

use Azure Monitor Application Insights Agent

27:41

instead. The final deprecation

27:43

notice that I know some

27:45

customers have been using myself

27:47

included is Python 3 .9 support

27:49

ends this year in October

27:52

31st. Make sure you upgrade

27:54

your Azure Functions. If

27:56

you have apps running in

27:58

Azure Functions, make sure they're running

28:00

on Python 3 .11 or whatever

28:03

comes after that as new

28:05

Python updates come out. But 3

28:07

.9 will end support on October

28:09

31st, 2025. And that was

28:11

the full list of updates from my end.

28:14

That's a lot of retirements. But

28:16

at the same time, they

28:18

are super specific at the same

28:20

time. So Python 3 .9 to

28:22

something else makes perfect sense.

28:24

I don't really follow on Python

28:27

versions. So I have

28:29

no idea if there's a lengthy

28:31

period between Python 3 .9 to 3

28:33

.11 release dates. It could be

28:35

years or months. I need to

28:37

look that up as well. The

28:39

last one for me, this is a

28:41

little bit more lightweight. Microsoft

28:43

released a free

28:45

AI agents for beginners

28:48

online course. This

28:50

is on GitHub. It's

28:52

10 lessons on understanding

28:54

and learning to build

28:56

AI agents. Obviously, free

28:58

of charge. This

29:00

focuses more on actual

29:02

code. This is

29:04

not about using Copilot Studio

29:07

to do click -offs. This is

29:09

about using semantic kernel. How

29:11

do we harness those capabilities?

29:13

How do we loop in LOMs?

29:15

How do we do the

29:17

agentic AI design patterns? Do

29:20

we need to do RAG? How do we

29:22

plan? How do we do multi -agents? How do

29:24

we deploy to production? It's

29:26

a little bit high level in

29:28

the sense, so it's not

29:30

really holding your hand. It's more

29:32

like laying it out on

29:34

the table for you to figure

29:37

out what's relevant for you

29:39

in what stage of your plans

29:41

on building agentic AI agents. Looks

29:45

interesting. There's a multi -language

29:47

version available as well.

29:49

Sadly, no Finnish, no Swedish.

29:52

There's Polish and Persian and German

29:54

and so on. which is nice

29:57

nowadays. So definitely have a

29:59

look on that one. It's been

30:01

available for a couple of days. So

30:03

So everything we mentioned, you can

30:05

see the resources in the show notes.

30:08

I think that's all we have for

30:10

this week in terms of tech

30:12

updates. Thanks for tuning in. See you

30:14

next week. All right. See you

30:16

then.